i used to get an email with some log info about wrong logins etc, but all of a sudden that has stopped

only thing that has changed is the exim.conf, changed to spamblocker conf, is that the reason?

my aliases has not chnaged:
# root: admin

# It is a good idea to redirect any messages sent to system accounts so that
# they don't just get ignored. Here are some common examples:

bin: admin
daemon: admin
ftp: admin
nobody: admin
operator: admin
uucp: admin

# You should check your /etc/passwd for any others.
postmaster: admin
abuse: admin
hostmaster: admin
webmaster: admin
apache: admin
diradmin: admin
directadmin: admin
root: admin

mails send to root@servername get bounced back now:
A message that you sent could not be delivered to one or more of its
recipients. This is a permanent error. The following address(es) failed:

root@....nl
User 0 set for local_delivery transport is on the never_users list:
retry timeout exceeded


what does this mean? used to wrk before, if i remember right

Hello,

If /etc/aliases is how you want it (root: admin), then you need to make sure that "system_aliases" comes *before* "localuser" in your /etc/exim.conf:

eg:
system_aliases:
driver = redirect
allow_defer
allow_fail
data = ${lookup{$local_part}lsearch{/etc/aliases}}
file_transport = address_file
pipe_transport = address_pipe
retry_use_local_part
# user = exim

localuser:
driver = accept
check_local_user
condition = "${if eq {$domain} {$primary_hostname} {yes} {no}}"
transport = local_deliveryIf they're backwards, just swap them so that the /etc/aliases is tested before sending to the user.

John

John,

I'm beginning to think it would be a good idea to change them around...

Do you think it'll add any unexpected behaviors?

Jeff

right now it isn't..:
localuser:
driver = accept
check_local_user
transport = local_delivery

system_aliases:
driver = redirect
allow_defer
allow_fail
data = ${lookup{$local_part}lsearch{/etc/aliases}}
file_transport = address_file
pipe_transport = address_pipe
retry_use_local_part
# user = exim

i added an alias file in /etc/virtual/servename/aliases: root:admin
should that work also?
i can receive mails again at root@servername, but i don't know if ill receive logwatch on that adress again

Well, now I'm confused a bit more...

Here's the relevant contents, in order, from the SpamBlocked version of exim.conf; note that localuser comes before system_aliases:

localuser:
driver = accept
check_local_user
transport = local_delivery

system_aliases:
driver = redirect
allow_defer
allow_fail
data = ${lookup{$local_part}lsearch{/etc/aliases}}
file_transport = address_file
pipe_transport = address_pipe
retry_use_local_part
# user = exim
Yet I still get email addressed to root at my hostname.

And I have this directory:
[login@da1 virtual]$ ls -ald /etc/virtual/da1.ns-one.net/
drwx--x--x 2 mail mail 4096 May 3 07:58 /etc/virtual/da1.ns-one.net/
Did I create it by hand on May 3rd? I really don't remember.

Here's the content of my /etc/virtual/da1.ns-one.net/aliases file:

abuse: localuser@nobaloney.net
admin: localuser@nobaloney.net
hostmaster: localuser@nobaloney.net
postmaster: localuser@nobaloney.net
webmaster: localuser@nobaloney.net
root: localuser@nobaloney.net
Perhaps DA should automatically create something like this for the hostname.

Jeff

We are having the ssame problem. our script, that send us an email whenever a user create/delete a domain is send from root.. this only happened when eximi is 4.42, not before (4.31 or 4.24)

We have found some anomalies with 4.42 as well; I've brought some to John's attention and will start going through the changes logs at exim.org if necessary.

Note that I've edited my post immediately above as I had a :fail: command at the bottom of the aliases file.

That was incorrect.

The file as it's shown now is correct.

Jeff

Here's the content of my /etc/virtual/da1.ns-one.net/aliases file:

abuse: localuser@nobaloney.net
admin: localuser@nobaloney.net
hostmaster: localuser@nobaloney.net
postmaster: localuser@nobaloney.net
webmaster: localuser@nobaloney.net
root: localuser@nobaloney.net
Perhaps DA should automatically create something like this for the hostname.

Jeff

Was this ever done by DA? It seems to me that NONE of the alias files I can see on the server have those entries....

Mail send to abuse and root is returned as undeliverable.

From what I can see I will have to edit the alias file for every domain....and remember to do it with new ones added.

Seems rather odd.

Thom

You can do this for each domain in the control panel. I know I would not want this to be done by DA by default for every domain on the server. Also how would DA know where you want the mail delivered to?

If you want it done for the hostname then you would just edit the one alias file /etc/aliases You would not have to do it for every domain on the server.

The answer to your question depends on what you question is exactly. Are you asking about abuse@hostname and root@hostname or do you mean for every domain you host?

You can do this for each domain in the control panel. I know I would not want this to be done by DA by default for every domain on the server. Also how would DA know where you want the mail delivered to?

That's a good point about the delivery



If you want it done for the hostname then you would just edit the one alias file /etc/aliases You would not have to do it for every domain on the server.


I was under the impression that either by RFC or convention, addresses such as abuse@thedomain_name and postmaster@thedomain_name had to be reachable. Apparently with the standard DA implimentation none of those other than the host.thedomain_name are.

I looked in the mailqueue and there are quite a few messages "stuck" for abuse@userdomain.com with a note that there is no such user.

Yes, a catchall would solve that, but catchalls are spam collectors.

Thom, DirectAdmin does NOT create an aliases file for the hostname. It's one of those extras you get when you buy installation from me ;) .

And now I'm giving away more of my secrets. We do it only for the hostname.

Our welcome email tells our clients which email addresses are required by RFC but we leave it to them to set it up.

My guess is it can be automated by adding a script which DA will run automatically after a domain is created, creating forwarders directly to the site-user email address by default.

Jeff

It's one of those extras you get when you buy installation from me

Shouldn't this be in the advertising forum? Just kidding just kidding :) :)

Thom, DirectAdmin does NOT create an aliases file for the hostname. It's one of those extras you get when you buy installation from me ;) .


That, plus the set of dishes is a great motivating factor.



And now I'm giving away more of my secrets. We do it only for the hostname.


Apparently the folks that set mine up did something, as mail to abuse to the domain associated with the server is accepted, but I don't see anything in the aliases file....so something is lurking somewhere associated with admin.



Our welcome email tells our clients which email addresses are required by RFC but we leave it to them to set it up.

I guess I'll have to look at how Cobalt did it to get a list of the required aliases.

Who wudda thought that DA wasn't RFC compliant?

It's one of those extras you get when you buy installation from me

I would say the users are not RFC compliant. I do not think this should be one of DA's jobs. I do not want DA doing this for me. Like I said before how is DA going to know where you want abuse@domain.com to go to? Do you want abuse@domain.com to go to its own mailbox or do you want it to be forwarded to another mailbox?

I would say the users are not RFC compliant.

What file creates the aliases such as postmaster or abuse for the user that "owns" the server?



I do not think this should be one of DA's jobs. I do not want DA doing this for me. Like I said before how is DA going to know where you want abuse@domain.com to go to? Do you want abuse@domain.com to go to its own mailbox or do you want it to be forwarded to another mailbox?

It would seem to me that if we accept the premise that the domain is owned or administered by someusername, that the mail for abuse, postmaster and other RFC specified addresses could go to that address.

I suspect that could be handled via the alias file?

Jeff says he sends instructions to his customers on how to handle the RFC compliant addresses...do you, or do you manually enter the information? If you manually do it, how do you know where the abuse, etc. mail to go?

Sendmail makes use of a virtusertable to accomplish the above...

It would seem to me that if we accept the premise that the domain is owned or administered by someusername, that the mail for abuse, postmaster and other RFC specified addresses could go to that address.


My question is how is DA supposed to know without any user intervention if the abuse email is supposed to be delivered to the local email box or forwarded to another email. Email addressed to abuse@domain.com needs to be delivered somewhere. I or another user needs to make that decision. DA cannot possibly know where I want that email delivered to.

If I have 100 domains and I accept mail for abuse @ each of those domains is DA going to create 100 virtual email boxes for abuse. If so then I have to login 100 times to check those email boxes. Maybe I don't want that. Maybe I want them all forwarded to one email box. Do I want that email box to be located on the server or do I want it all forwarded to my gmail account? DA cannot possibly know where I want all that email to go. That is a decision that each user needs to make individually. Not all users are going to want the same thing done with the abuse email.


I suspect that could be handled via the alias file?

Sendmail makes use of a virtusertable to accomplish the above..

That doesn't have anything to do with what I am talking about. What are you going to put in the aliases file? You have to ask each one of your customers. But using DA your customers can set it up themselves. They can either create the email box or forwarder for abuse or any other address for their domains.


do you manually enter the information? If you manually do it, how do you know where the abuse, etc. mail to go?

That is exactly my point. If I don't know then how is DA going to know? Only each user knows what he wants to do with each email address. The users have to set it up. That is why they have a control panel.


What file creates the aliases such as postmaster or abuse for the user that "owns" the server?

The /etc/aliases file. This will work for email sent to the hostname of the server if the hostname is a fully qualified domain.

Since I have multiple servers I have the abuse email forwarded to a single account that I can log into to pick up the mail instead of having to log into hundreds of servers just to pick up abuse email.

I just don't want DA to be making decisions for me.

My question is how is DA supposed to know without any user intervention if the abuse email is supposed to be delivered to the local email box or forwarded to another email. Email addressed to abuse@domain.com needs to be delivered somewhere. I or another user needs to make that decision. DA cannot possibly know where I want that email delivered to.


I can see this is getting no where....but that's happened before. From what I can see, instead of DA doing something in the setup of a domain to setup RFC compliant email addresses, it does nothing.

Thanks for the dialectic.

Jeff maybe you can help the both us understand what the other is trying to say.

I will try again and use my own domain as an example.

RFC states that I should accept email for abuse @ newwebsite.com.

Now I can set up abuse @ newwebsite.com to go to its own virtual mailbox.

Or I can set up abuse @ newwebsite.com to be forwarded to another email address. I can set up abuse @ newwebsite.com to be forwarded to my gmail account floyd @ gmail.com.

How is DA supposed to know which one I personally want unless I tell it?

How is DA supposed to know which one I personally want unless I tell it?

No one is arguing that at all.

I would prefer having all the rfc required addesses such as postmaster and abuse as aliases of the domain owner's email...with the ability to change them.

The distinct advantage of DA doing nothing with them is that each of us can set them up as we see site....or as Jeff has suggested, simply tell our customers that they must do it.

Do you tell your customers they need to set them up? If so, could you post the text, as your experience is far greater than mine and I can learn from it.

If you do the setup yourself, do you make assumptions on how the users want them setup?

Thanks

Do you tell your customers they need to set them up?

No because I had not thought of it until you and Jeff brought it up.

I thought you were saying that DA is not RFC compliant. If anything you would have to say that either admin or the individual users are not RFC compliant. DA cannot be RFC compliant since it is not the responsibility of DA. Being RFC compliant has nothing to do with DA except that DA provides a way for people to be RFC compliant. Its the responsibility of people to set up those email addresses whether it is the admin or the users.

No because I had not thought of it until you and Jeff brought it up.

I thought you were saying that DA is not RFC compliant. If anything you would have to say that either admin or the individual users are not RFC compliant.


It would be more accurate is I said that DA doesn't produce the RFC required email addresses when a domain is created.

There are Control Panels that do that.

I think I need to get to work on creating a message to all my customers that tells them what they need to do and how they can do it.

FWIW, they ALL come from a system that created all that for them automatically, so this will be a "learning" experience for them :(

come from a system that created all that for them automatically

This is the problem that I have. I don't want a control panel to do something automatically when it cannot possibly know what I want done. Yes I might want certain email addresses to be accepted but DA cannot possibly read my mind and know where that email should be delivered, whether its a local address or forwarded to another address.

So its my opinion that DA does it right. I don't want a piece of software to arbitrarily do something without my input as if there is only one way to do it.

I think we are coming to an understanding now even if we don't necessarily agree on the details. We each have a right to our opinion. I was trying to highlight the consequences of certain things.

This is the problem that I have. I don't want a control panel to do something automatically when it cannot possibly know what I want done.


I remember when a few friends of mine started an ISP....I was the end user test case....I ued to watch them do everything via the shell...they actually seemed to enjoy it.

I don't enjoy it at all....I would rather have the CP do it for me, and allow me to change it if required.

What would make sense to me....have the CP offer a selection creating a domain such as:

Have RFC required addresses as aliases of mail email account Y N

If it's yes, they are created as aliases that can be edited...if no, then
folks who want things as you do can do their own thing.

But this is now sounding the like discussion over webmail clients.

Now I have to find which RFC specifies which addresses are required:eek:

You could create a script that runs each time a domain is added to DA that automatically creates the required RFC addresses as forwarders that get directed to the user who own's the domain. These can then be changed, if the user wants to change them. This is how you can do it.

Create the file /usr/local/directadmin/scripts/custom/domain_create_post.sh if it does not already exist.
Put the following lines of code into the file (untested):


#!/bin/sh
file=/etc/virtual/$domain/aliases
mv $file $file.tmp
echo "abuse: $username" > $file
echo "admin: $username" >> $file
echo "hostmaster: $username" >> $file
echo "postmaster: $username" >> $file
echo "webmaster: $username" >> $file
cat $file.tmp >> $file
rm -f $file.tmp
chown mail:mail $file
chmod 600 $file
exit 0;
Save, exit, and chmod the domain_create_post.sh to 755, and you're done.If you're curious, you have to put the * at the bottom, hence the out of order methodolgy (adding the default last).

Hope this helps. :)

You could create a script that runs each time a domain is added to DA that automatically creates the required RFC addresses as forwarders that get directed to the user who own's the domain. These can then be changed, if the user wants to change them.


Thanks so much....works like a charm!

But this is now sounding the like discussion over webmail clients.


Difference being this time I agree fully with you Thom, ;)

I think an option in the CP would be a good idea, and I actually think if DA is going to manage the adding of domains, then it should also handle making the necesasry email addresses to ensure RFC compliance.

Myself I added them all to forward to my system account,

Just my two cen....pence:)

Myself I added them all to forward to my system account

My question all along is how is DA going to know that is what you want it to do? What if you want it to go to your system account but other users for other domains want it to go somewhere else?

If DA is going to do this then there has to be a way to tell DA to a certain thing for each user because each user is going to want something different.

That could be catered for in the CP surely by having a default option, then maybe in the user-email section having a new part called RFC E-mail Address location, where a user if they feel could change the default setting of where mail gets sent eg, forwarder, seperate mail-box etc

Best of both worlds, RFC compliance, and the ability to tell DA exactly what you want it to do with emails that get sent to them.

Difference being this time I agree fully with you Thom, ;)

One of your weaker moments, but I'm sure the community at large will forgive you.


I think an option in the CP would be a good idea, and I actually think if DA is going to manage the adding of domains, then it should also handle making the necesasry email addresses to ensure RFC compliance.

Jeremy's script works like a charm....


Myself I added them all to forward to my system account,


Yes...you could replace the $username with some other value.

Another way to have the RFC required addresses be answered would be to use the catchall....but in the world of spam, that doesn't sound too good to me.

As an aside....do any of RBLs list a domain/ip address if mail to the RFC required addresses aren't answered?

I guess I'll have to look at how Cobalt did it to get a list of the required aliases.
Though I agree with others who say DA shouldn't be enforcing RFC compliant, I posted the list near the top of this thread. I posted it for admin, but it would be the same list for users.

I go above and beyond RFC compliance, though ;) .

Jeff

I would say the users are not RFC compliant. I do not think this should be one of DA's jobs. I do not want DA doing this for me. Like I said before how is DA going to know where you want abuse@domain.com to go to? Do you want abuse@domain.com to go to its own mailbox or do you want it to be forwarded to another mailbox?
I agree with you Floyd, and I set it up only for admin. I know where it's supposed to go because it's part of my setup questionnaire form.

I don't know what the BQ OS does, but old Cobalts automatically aliased postmaster to the server admin. Not a good idea IMHO.

Thom, I simply tell my clients:

Internet rules (the RFCs) require that your domain has a postmaster address and an abuse address, both of which much receive email and be read by a real live human, so please set them up, either as mailboxes you check, or as forwards to a mailbox you check regularly. You should probably also read either your main login email box, or forward it somewhere as well, as the server will often send email to and from that email address.
I do it a bit more complex... with exact examples in a customized welcome email.

You can do the same.

Jeff

Jeff